Metasploit 2

Scanning By Modules

Metasploit contains a lot of modules such as (port scanners , banner grabbers for services ... etc).
We will use here some of these modules

Note: to get port scanner modules msf>search portscan


1- TCP-SYN scanning

To make TCP-SYN port scan (syn)

To use a module use (use) command

msf>use auxiliary/scanner/portscan/syn

Then to adjust this modules use (show options) , you will see many options and you can set any variable you want by (set) command

For example to set IP address of the target address
set RHOST 192.168.0.1
set THREADS 100



To start execute the module use (run) command



2- SMB (server message block)

We use this scan to get Windows version (smb_version)

msf>use auxiliary/scanner/smb/smb_version




3- FTP scan 

To get FTP version or FTP banner (ftp_version)

msf>use auxiliary/scanner/ftp/ftp_version




To get tgat FTP alloow anonymous login (anonymous)

msf>use auxiliary/scanner/ftp/anonymous

4- SSH scan 

To get SSH version (ssh_version)

msf>use auxiliary/scanner/ssh/ssh_version




5- MS-SQL scan

MS-SQL uses static TCP port 1433 or it's use a dynamic porting so it's uses a query UDP port 1434
(ms-sql) module can do
A- Locate MS-SQL in a network
B- Get the instance name
C - Get porn number
D- Get the version of MS-SQL

msf>use auxiliary/scanner/mssql/mssql_ping

Note: For sure these modules can use for entire network
(set RHOST 192.168.0.0/24)